Accor Performance Cookies Blocked

[GMNGeoffrey]

Prerequisites

• This is not a support issue or a question
• I performed a cursory search of the issue tracker to avoid opening a duplicate issue
• I am running the latest version of uBlock Origin

I tried to reproduce the issue when...

• uBO is the only extension
• uBO with default lists/settings
• using a new, unmodified browser profile

URL(s) where the issue occurs

https://all.accor.com/account/index.en.shtml#/my-bookings

Describe the issue

Attempting to click the "book now" button on this page fails iff uBlock origin is enabled and you selected "performance cookies" when managing cookie options. You will also get an error page after logging in. Repro:

1. Open new incognito window with only ublock origin active
2. Go to https://all.accor.com/account/index.en.shtml#/my-bookings (any page that redirects to login will work).
3. When prompted, select "customise cookies"
4. Choose to enable "performance cookies" and save
5. Log in with email and password
6. Go to "my bookings" via the same URL above or via the account menu
7. Click "book now"

Expected behavior: takes you to bookings page
Actual behavior: Nothing happens

Screenshot(s)

accor-ublock-bug-2022-04-09.zip

Notes

No response

Configuration

uBlock Origin: 1.41.8
Chromium: 99
filterset (summary): 
  network: 80338
  cosmetic: 42316
  scriptlet: 16375
  html: 0
listset (total-discarded, last updated): 
  default: 
    user-filters: 13-1, never
    easylist: 65580-51, 9h.42m
    easyprivacy: 26754-121, 3d.11h.26m
    plowe-0: 3690-810, 9d.13h.13m
    ublock-abuse: 72-0, 9d.7h.13m
    ublock-badware: 4012-90, 2d.21h.39m
    ublock-filters: 30390-91, 2d.8h.40m
    ublock-privacy: 205-2, 10d.7h.29m
    ublock-quick-fixes: 127-4, 5h.28m
    ublock-unbreak: 1730-42, 1d.2h.59m
    urlhaus-1: 7824-0, 5h.29m
filterset (user): [array of 13 redacted]
trustedset: 
  added: [array of 12 redacted]
  removed: 
    chrome-scheme
switchRuleset: 
  added: [array of 41 redacted]
modifiedUserSettings: 
  cloudStorageEnabled: true
  colorBlindFriendly: true
modifiedHiddenSettings: [none]
supportStats: 
  allReadyAfter: 327 ms (selfie)
  maxAssetCacheWait: 6703011 ms

[stephenhawk8054]

I don't have an account so here are other steps that I can reproduce on my side:

1. Go to:
   https://all.accor.com/geoloc/selectdisplayzone/index.en.shtml
2. Customize cookie to Performance Cookies and confirm.
3. Choose any regions.
4. Click on login icon at the top right of the screen.
5. Click on Create an account
6. At next page, put an email to the blank field and click on Continue, nothing happens

Whitelisting these connections makes it work for me. Anyone has better alternatives?

@@||googletagmanager.com/gtm.js$script,domain=login.accor.com
@@||googletagmanager.com/gtag/js$script,domain=login.accor.com
@@||google-analytics.com/analytics.js$script,domain=login.accor.com

[krystian3w]

Maybe possible improve redirect resources if page no try found someting non-standard.

But improve is not backward compatibility - if user no override resources from advanced settings (https://github.com/gorhill/uBlock/wiki/Advanced-settings#userresourceslocation) e.g. Chromium 49 on XP and old supported uBO.

[mapx-]

@GMNGeoffrey can you confirm the filters above are working for you ?

[GMNGeoffrey]

Sorry for the delayed response. I'm on vacation :-)

Thanks for figuring out the right filters. I'm a ublock noob and had trouble finding the right ones. I figured out tag manager, but just that wasn't sufficient. To fix things across the whole site (at least to include the "mybookings" page), I needed to extend to the whole domain.

@@||googletagmanager.com/gtm.js$script,domain=accor.com
@@||googletagmanager.com/gtag/js$script,domain=accor.com
@@||google-analytics.com/analytics.js$script,domain=accor.com

[stephenhawk8054]

Sorry for the delayed response. I'm on vacation :-)

Thanks for figuring out the right filters. I'm a ublock noob and had trouble finding the right ones. I figured out tag manager, but just that wasn't sufficient. To fix things across the whole site (at least to include the "mybookings" page), I needed to extend to the whole domain.

@@||googletagmanager.com/gtm.js$script,domain=accor.com
@@||googletagmanager.com/gtag/js$script,domain=accor.com
@@||google-analytics.com/analytics.js$script,domain=accor.com

What is the URL of my bookings page? From what I see, it's still all.accor.com, or are there other subdomains that are affected too?

[GMNGeoffrey]

The issue is you get directed to the login page which is at login.accor.com

[stephenhawk8054]

The issue is you get directed to the login page which is at login.accor.com

Can you check if these ones work for you?

@@||googletagmanager.com/gtm.js$script,domain=all.accor.com|login.accor.com
@@||googletagmanager.com/gtag/js$script,domain=all.accor.com|login.accor.com
@@||google-analytics.com/analytics.js$script,domain=all.accor.com|login.accor.com

[GMNGeoffrey]

Yes those seem to work, although in the meantime I think they've also made some changes to the website layout so the exact repro instructions above have changed.